]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 035f720) | patch
lockdown: Lock down /proc/kcore
authorDavid Howells <dhowells@redhat.com>
Tue, 20 Aug 2019 00:17:57 +0000 (17:17 -0700)
committerJames Morris <jmorris@namei.org>
Tue, 20 Aug 2019 04:54:16 +0000 (21:54 -0700)
commit1494721ecae268109a69a30278ccf06c67c77dc1
treed1029d3f5dccd6dbba74b1d0b445fa2b5ee4ffb4tree | snapshot
parent035f7209d5c1eedb5f1eaa74bb880d34a6b8ea0acommit | diff
lockdown: Lock down /proc/kcore

Disallow access to /proc/kcore when the kernel is locked down to prevent
access to cryptographic data. This is limited to lockdown
confidentiality mode and is still permitted in integrity mode.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Matthew Garrett <mjg59@google.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: James Morris <jmorris@namei.org>
fs/proc/kcore.c diff | blob | history
include/linux/security.h diff | blob | history
security/lockdown/lockdown.c diff | blob | history
Linux Kernel Source Tree.